• medium_adult_son [he/him]
    ·
    2 years ago

    This is what SPF, DKIM, and DMARC already do with DNS records to verify the identity of the email sender. There's no need for this except for more surveillance.

    • Cummunism [they/them, he/him]
      ·
      2 years ago

      99.9% of the planet doesnt know what youre talking about. How is this different than how Twitter checkmarks used to work?

      • medium_adult_son [he/him]
        ·
        edit-2
        2 years ago

        SPF is basically a record of email servers/IP addresses that the domain authorizes to send emails. So you can't send a fake email from @hexbear.net from another IP address.

        DKIM is a digital signature for outgoing emails, the public key is available on their DNS records so recipients can verify the key (signed with the sender's private key) in the email header of the message they received.

        DMARC is a policy that allows or quarantines emails received based on if they fail SPF or DKIM checks. These can be adjusted to allow emails through that aren't signed via DKIM.

        Edit: Current email clients use icons similar to web browsers for this. Secure/insecure lock icons.

        I don't know how this would be different from Twitter checkmarks. This isn't necessary at all, since we can already verify an email from corporation.com was sent and signed by their email servers using open standards.

        • Cummunism [they/them, he/him]
          ·
          edit-2
          2 years ago

          i should have said "How is Google checkmarks different than how Twitter checkmarks used to work?"

          sorry. I'm in IT so I know what that stuff is. We get DMARC fails alllllll the time at my job.

    • huf [he/him]
      ·
      2 years ago

      they can value-add to all that as long as your mail stays within the google empire

      embrace, extend, extinguish